Описание
Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
- ExploitPatchThird Party Advisory
- ExploitMailing ListPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.1-220216 (включая) до 1.1-220826 (исключая)
Одновременно
cpe:2.3:o:intelbras:wifiber_120ac_inmesh_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:intelbras:wifiber_120ac_inmesh:-:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.05066
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 8.8
github
больше 2 лет назад
Intelbras WiFiber 120AC inMesh before 1-1-220826 allows command injection by authenticated users, as demonstrated by the /boaform/formPing6 and /boaform/formTracert URIs for ping and traceroute.
EPSS
Процентиль: 89%
0.05066
Низкий
8.8 High
CVSS3
Дефекты
CWE-78
CWE-78